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Applic. NO. 10/620,108 RECEIVED 

Amdt. dated August 31, ^007 Amendme nt dated July ^JTRAlFAX CENTER 
Reolv to Notice of Non-compnan 

R p Y AUG 3 J 2007 

gpecj fication Amendments 

™* between lines 20-25 on page 1 of the 
Replace the . paragraph between 

specification with the following: 

9lM advent of cashless payment traffic and 
--With the increasing advene oi. 

the t,******^"^^ 

individual households, such as e.g. in case of pay TV 

th ere is an increasing demand for cryptographs 
applications, there is an ± 

algor ithms in order to ha able to perform digits, signatures, 
eventrations and encryption tasKs. Known cryptographic 
alg orithms comprise asymmetric encryption algorithms, such as 
. B the RSA algorithm, eyerie encryption processes, such 

as e.g. the ID**-. » — - ~» - - OCeSSe8 ba8ed OD 
elliptic curves.-- 

o i-ir.^ 30 and page 3, line 
Replace the paragraph between page 3. Irne 

' „ of the specification with the following. 

protecting chip card terminal system against criminal 

enecific protocols are employed between 
manipulations, specific pr 

, ,i.i„a e.g. mutual authentication 

terminal and chip card, comprising e.g 

a „ „ell as encryption and decryption operations making use of 
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^^^S^-^^ — dated julY 31 ' 2007 

Reply to Notice 1mnted in the cryptographic 

the cryptographic algorithm, implemented 

the crypcocj ^ „ <rtnal ch ip cards consists m 

rtr A problem with conventional chip 
processor. A prowj- e a. for 

, - *->^ eecret functions, e.g. 

thac the £ ° r the card in tne form 

encryption, are fiddly provided on the chrp 

£ Lea wiring and/or in stored form and thus are 
of a fixea wuj- ^ . . _ Vprs Spying 

•w, to being spied out by potential attackers, 
susceptible to being P by 

raohic algorithms implemented in chip 
out of cryptographic 9 q£ 

_ . for example/ tne 
an attacker comprises, orocesa or and the 

• - t structure of the cryptographic processo 

the circuit struccux fl . niCt ureB. If 

f the exposed semiconductor structures 
optical analy-s of the exp 

bv waY of the chip card m his pos 
a n affacher. hy way algorichro , 

succeeds In obtamrng the cryp 

c n a rein, the attacher -U be - - che 

• vnev o£ implementing the same, to carry o 
possibility of rmp ^ 

i-V^ chip card xn oraer 
stacks aga.net the 

£ t „e =hiP card. «hen the underlying cryptographs 

. «achs have a .thy! , far greater chance of 
is k now, the att.Ce ^ ^ ^ ^ ^ 

success, and coneeguently the 
traffic is at risk.-- 

Kepl aoe the paragraph he»een lines ,0-3, on page 3 of the 
specification with the foUowing, 
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^iSS-cXi^ — - — 2007 

Reply to Notice ^ u 

..With conventional chip cards, the pr 

ted merely b V harf "" e Pr0=e9 

— " h as by the hidden contact process. « case 

— SUCh t ; s «e made to prevent the optical 
of this process, attempts ar 

lysi s of removed semiconductor structures and thus 

to the underlying electronic circuit hy means o £ 
—on « - ^ _ o£ speci£ lc layout libraries 

hidd en contacts and y ^ ^ 
for tb e underlying gates^ ^ ^ ^ 

4-~o and OR gates, differ n 
MB, gates and O concea ling measures indeed 

These hardware conceanny 
different doping. These und erlylng 
i„crease the expenditure for Ending cut the 

° IYP ^j — the circuitry and design 

che other hand also increase eiee 

expenditure, the chip reap e=tively . - 

orocessor end the chip card, respe 
cryptographic processo 

unes 14-29 on page * ° f che 
Replace the paragraph between lines 

specification with the following: 

■ t h a first aepee* object of the invention. 
.. in accordance with a fir 

_ obiect is achieved by a security module 
this aepeee ^ ^ ^ 

wlch a terminal, comprising ^ 

, 4 to . terminal, for receiving at least 
coupled to a ce* the 

rt f the complete algorithm code 
algorithm code or of the 
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SSSE'^ — — 2007 

tM with the algorithm — — • P— ° £ 
secrets, 

an e*e^ i-e^ac. for giving supply — 

froro the terminal,- a vol.- memory for — the P- of 
the alg orithm Co, or the complete algorithm — received via 
the data interface, said volatile memory -in, ^ed to the 

interface in order to have ****** POw*r supplied 
efte*gy power interface 

v, ^h,t the same will be cleared upon an 
thereto such that tne b™« 

f the receipt of the supply e*e*gy power from 
interruption of the receipt 

the terminal, and . processor for performing the 
cod e in order to obtain an algorithm code reauit that can be 
delivered to the terminal. -- 

« 4 line 31 and page 5. line 
Replace the paragraph between page 4. Una 

M of the specification with the following: 

In accordance with e second ae^e* 2*1- of the invention. 

■ ,„Mmd bv a terminal for use with a 
this aspee* object is achieved by a x. 

. flHna . a data interface adapted to be 
security module, comprising- a data 

, ™A»le for transmitting at least part 
coupled to the security module, 

■ w ■ or the complete algorithm code from the 
of an algorithm code or tne comp 

terminal to a volatile of the security ^dule and for 

receiving the algorithm cede result fro. the security -odul.. 
„ lch the algorithm code concerning a processing of secrets, 

v -i „ te r£ace for delivering supply e«e*gy- 
and *n-e«e*gy a power interface 
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Zlv JTSuS-S — ^ July 31 ' 2007 

Bar t= the security — <*•• » ith the volatlle " ^ 

supplied hy the supply energy sucn — -» l 

«- *-he receipt of Che supply 

be cleared upon an inter j."*^ 

„ from the terminal, Wirt the terminal, for each 

„ication operation hetween terminal ana security module 
during one and the same oommunloation operation with the 
security module, being designated to send at least the part of 
C he algorithm oode or the compete algorithm code to the 
volatile memory of the eeourity module, and, subseguently. 
during the further oommunloation process, receive the 
aigorithm code result from the security module. - 

Hsplace the paragraph between lines 15-31 on page . of the 
specif Icatlon with the following: 

accordance with a third a*pe<* obisct of the invention, 
th ls ae^ee ohisct is achieved hy a procees for computing an 
algo rithm code result ueing a eeourity module, comprising the 
sreps of, receiving at leaet part of an algcrithm code or the 
complete algorithm code by means of an ™ interface, with 
the algorithm code concerning a preceding of secrete,- 
volatile-storing said part of the algorithm code or said 
oomplete algcrithm code in a volatile memory of the security 
module, with the volatile memory heing coupled to the energy 
interface, to be supplied with e*«gy power, such that the 
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STiSi -I ianc -.a duly - -o, 

eame will he cleared upon an P ^ 

» DO wer from the terminal . P« 
the supply e*e*9y E2«S£ an 

„ on the security module in order to oh 
alg orithm code on algori thm code result 

, t hm code result; delivering saxd algor 
algorithm code said volatile memory upon an 

to the terminal, and clearing ^ 
int erruption of the receipt of the supply ^ P_ 
the terminal •-- 

„ 5, line 33 and page 6. l ine 

aeplace the P a» gr aph between page 
„ of the specification with the following, 

„ ith . £ourth aepeet of the invention, this 
accordance wrth concro lUng a 

^» object 1. achieved by a process for 

"^le using a terminal in order to obtarn an 
security module ^ ^ 

algo rlthm code result from the eeou 

■ lna tor each communication operation, 
process comprising for e 

. the following steps during one and the 

forming the ^ ^ aecurlty ^ delivering 

oommunicat.on operat ^ ^ ^ 

supply e«e^gy power from the 

a t least part of an algorithm code or the 
transmitting at least P volat ile memory 

from the terminal to a 
_iete algorithm^ t ^ . 

o£ the security -*U. ^ _ _ ^ 

processing of secrets, 
by the supply ene«y Eower, such 

< .->,.= receipt o£ the supply energy k 

upon on interruption of the rece^P 
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Applic. No. 10/620,108 
Atndt. dated August 31, 2007 

Reply to Notice of Non-Compliant Amendment dated July 31, 2007 
from the terminal; and receiving the algorithm code result 
from the security module. -- 

Replace the paragraph between lines 13-28 on page 6 of Che 
specification with the following: 

--in accordance with a fifth aopoofr object of the invention, 
this aspeefe object is achieved by a process for communication 
between a security module and a terminal, comprising the steps 
of: transferring at least part of an algorithm code or the 
complete algorithm code from the terminal to the security 
module, with the algorithm code concerning a processing of 
secrets; volatile-storing said part of the algorithm code or 
said complete algorithm code in a volatile memory of the 
security module, with the volatile memory being supplied by 
the supply energy power , such that the same will be cleared 
upon interruption of the receipt of the supply energy power 
from the terminal; performing said algorithm code on the 
security module in order to obtain an algorithm code result; 
delivering said algorithm code result to the terminal; and 
clearing said volatile memory upon an interruption of the 
receipt of the supply energy power from the terminal. -- 

Replace the paragraph between lines 18-38 on page 7 of the 
specification with the following: 
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HDS^S- 1 - — — 2007 

* 9eC uritY module, such as a 
v^<na to the invention, a security 
--According w LI1 <= . 

• - a TPM (Trusted Platform Module) m the 
chip card, comprxses a ■ card for uSC . 

__o, n ~ or a smart cara, 
fo rm of a colter plug-m module 

interface adapted ^ 

witn a terminal in addition to a data 

led t o the terminal and receiving «- «- terminal 
C ° UP n ith m code or the compete algorithm 

least part of the algorithm code or 

wer interface receiving supply energy 
cod e, «*^«e*gy a_power interfa 

^ as a volatile memory for storing the part 
- Wel1 ^ data interface or of the 

the aigorithm code received via the data 

^ ved with the volatile memory 
algorithm code received, witn 

a lg orithm code in order to obtain an algorr 

„ he delivered to the terminal. The 
that can be delrv bayirabee^received may 

finder of the algorithm code not.havrng _ 

h core d for example, in a non-volatile memory, eueh 

be stored. 9uf£ic ient supply 

« .u .ecurity module. If there 
BOM, of the secur y algorithm code 

there ia thus no complete argo 
ower present, there 

a**** 9 ? K , „« the security module, 

■ .rt in the non-volatile memory of the sec 
contamed rn algorichm code available 

and conseouently there ia no complete algo 
to be run by a potential attacker.- 

n line 40 and page 8, line 
Replace the paragraph between page 7, Ime 

„ of the specification with the following, 



n «f ill 



PAGE 9/42 * RCVD AT 8/31/2007 3:04:03 PM [Eastern Daylight Time] * SVR:USPT0-EFXRF-6/1 * DNIS:27 38300 * CSID:9549251 101 ' DURATION (mm-ss):0446 



08-31-' 07 14:58 FROM-LGS PatentUSA 



9549251101 



T-502 P010/042 F-979 



, -,-able for use with the security module 
—A terminal suitable tor u 

• v, e fore such as e.g. an automatic cash 

diS penser, a mobile telephone with 

„ f _., example a data intense 
comprises for examp 

rt Aile and transmits the part or c 
coupled to the security module and 

* ode or the complete algorithm code from the 
algorithm code ^ and 

■ .1 to the volatile memory of the secur 
terminal to security module, 

< »« the algorithm code result from tne 
receives the alg . nterface delivering the supply 

ae W ell as e^-gy a^wer interface 
e^«- Che security module.- 

a line 15 and page 9, line 

Repla =e p-«9»p* »-«— pa3e 8 ' . 

, o£ th . appellation with t*. foil*-.' 

to . — — ■ - ——' 7 

: — — ■ — - - — - 

. . is carried out between the terminal and 
scheme, is carri _ security 

. pation between terminal and securi y 
^dule during a communication 

„ The transfer of the algorithm code from 

encrypted and 

to the security module is carried 

,« order to counteract eavesdropping and 
cert lf led form in — on „ terroi nal 

.^niation of the communication c 

! modUl e X h « or t h e eec« it y «*0. » 

and security module. 



PAGE 10/42 * RCVD AT 8/3112007 3:04:03 PM [Eastern Daylight Time] * SVR:USPT0-EFXRF-6/1 * DMS:2738300 * CS1D:9549251101 * DURATION Qiiiks):0M6 



08-31-' 07 14:58 FROM-LGS PatentUSA 



9549251101 



T-502 P011/042 F-979 



this en, — -itahX. — - - rf0rmln9 eii M 

encryption and decryption as well 
authenticate, encrypti respe ctively . Por 

„A certification examination, re v 
certification and certifi & 

«nd for effectively preventing access 
increased security and for algorit nm 

i t-tacker to the transferred part of the aig 
potential attacker t ^ & 

code, the security module may 

means which, if P^e ^ 1ir . itv 

, he vo iatile memory, such security 
£ulfil led, clears the irregula rity and 

_ mnrige the interruption, an i 

con aition S *»y — the processor or 

. £ XuctuatXon in the euppXy 

-lock or other operating parameters ae tn y 
effected by manXpuXation of the eeour 

, „ith the terminal. In the event that the 
la tter interacts „th * =£ ^ 

^itorino .eana has not effected 

• -. ^^.moT-v and thus the pare 
*-v,c volatile memory auu 
memory, the voiac , prm ination of 

j — fhP latest upon terminate 
algo rith, code X. cXeared at ^ ^ 

the conation het»een ter-maX ^ * _ 

«f the supply energy PO^e£' * ee P ec 
interruption of the su PP ^ ^ 

eg by withdrawal or removal of the secur 

e - g " DY . , tne algorithm code is no longer 

terminal, whereby this part of the 

■ i Btt acker for pe^^^^^ 0 ^ 
available to a potential attacker P— 

^n^ru^within specific attacks.- 

« lines 10-24 on page 9 of the 
Replace the paragraph between lines 

specification with the following: 
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Re ply to Notice oi- 

„ U ce the attaoKaoility ot the system, 
xn order to further reduce ^ 
, (Myle provided to transfer the part of the a«o 

■ al to the security module intermittent* - 
£roro the ter^nai t ^ ^ ^ ^ 

Mdi£1 ed form and repeated an ^ ^ ^ 

in the volatile memory xnBtead of 

* e This renders possible changes xn 
algorithm code. This r een 

nhic algorithm during the communication be 
cryptographic algo ^ pay TV 

i ^ cecurity module, such as e.g 
terminal and security ^ 

. „ -vi^ alqorithm coae 
hut also changes in the aigo 
applications, but also 

« « terminal -security module 

communication, such as e.. ^ ^ 
it is further aggravated for a p 

■ A A Qut[[ n the algorithm code employed. - 
fee^ of find out 1 1. J J 

Q line 26 and page 10, 

' Repl a=e the paragraph hetween page 

. .,4i-Vi the following: 
line 13 of the specification with 

• the algorithm code of the security 
_-m addition to protecting the algo 

■ t soving out by a potential attaOcer, an 
^ U le against spying ^ ^ ^ 

additional advantage of P on fields , s.ch 

it is applicable to a multiplicity of appli 

•o Cash) cards, credit cards, multi 

aS 9 t cards Depending on the 

or pay TV smart car as 
application cards or y y 
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-•^SH--- *— e daced July 31, 2007 

Reply to — ^ ^ security 

particular — ^ tb " ^ contains P— 

«* - CelVed ^ ^ I JLl W or one or «. 
o£ . code £ . functions o £ crucial security card 

„hic algorithm. o£ the security module, 
cryptographic algon versa tile 

~f RPdurity modules, tne vc 
producers or producers of secui 

.11 as the enhanced security against 

tha market and 

i „,ns increased acceptance 
potential attacks means inc 

, v =h*re in addition thereto, the 
th »s an increased market share. 

security of the security module is increased 

as the increased security is achieved by software 

" £ Is volatile memory. - conventional and complex 
loa ding - the vox ^ oode ^ 

hardware measures for pr 
ctential attackers, as described hereinbefore, may 

• addition or be replaced by less expensive 
carried out in addition securi ty or 

k <„„ae since the functions o£ crucial 
hardware techniques 8eo urity module 

th e underlying cryptographic algorithm of 
a re not permanently provided on the chip card.- 

Eep lace the paragraph between page 10. U- » - - 
. line 15 of the specification with the following! 

-.-ned description 
It is pointed out that the foiling detailed 

of the present invention refers to 
of specific embodiments of the p 

nations by way of example only, and that the 
chip card applications oy * 

inapplicable to other security 
present invention is also applxc 
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Applic. NO. 10/620,108 

Zlv SM"^ — ent ^ JU1Y 31 ' 2007 

m odules, euch TPMs in the form of plug-in boards, «- 

following description may easily be transferred to such 
plications. A ccordingly, the following description also 
refers to terminals for chip cards, such as e.g. cash 
dispensing machines, by way of example only, although a 
terminal according to the present invention, in other fields 
of application. may also be a computer, for example, having a 
tpm in the plug-in erases .lots thereof, or a mobile telephone 
„ith a smart card in the card reader thereof, or the tergal 
may generally be an arbitrary apparatus capable of 
communicating with the security module. - 

Replace the paragraph between page 11. line 33 and page 12, 
iine 15 of the specification with the following, 

J . ... n have the prerequisite that a 
--The steps illustrated in Fig. 1 have tne p 

tvo^m- possible between the terminal and the 
communication is already possioie 

chip card which, for example, may be the case upon 
introduction of the chip card into the terminal.- in this 
regard, the terminal 20 may be a contactless or contact 
terminal, and the communication connection thus may take place 

intact It is necessary furthermore 
without contact or via a contact. 

for communication that chip card 10 be supplied with ™ 
power from terminal 20, which may also be carried out in 
contactless manner via electromagnetic radiation or via a 
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Reply to Kotice of Hon ^ 
.ft« Che communication connection D 

rr:: - - - -.- rrr. - 

- - - t" :t. - — — •• 

m ay be carried out first. 
th e relevant protocol etc.- 

lines 17-36 on page 12 of the 
R eplace the paragraph between lines 

specification with the following: 

, suoplying enoug y S2wer to 

v. a ^ ns (not shown) of supply i a 

- R£t " - — ca-on connects as 
ch e chip car* . - _ fa „ termina l 30 an, 
well as initial— 9 the c ^ inai ^ ^ 

rd 10 1. carried out in a step 30, e.g. 
chip card 10 re challe n 9 e and reaponse 

. in accordance with the cna 

authentication in ac example, 

. The mutual authentication -V comprise, 
process. The mur , i(lca tion Number) by the 

„f » PIN (Personal Identification 

the nrn i i - — - — - 

^ ^ of chip calcific data stored on the chip 

fo , e^le o c P ^ idfintificatio n n«-r and a 

_ conne ction with a chip card 

personal identification > authenttcation code 

key stored on the chip card as well s a 

„ t he chip card and representing a cryp 
stored on the chip aaymme tric 

„v, *s e Q. a symmetric or an aay 
algorithm, such as e.g. 

.„ Hm The authentication serves 
cryptographic algorithm. The a 
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Reply to Notice or n te rminal 

t Afcer the communication connect between 
contact. After fltablish ed and supply e*e*f>Y 

^- ^HA-rd 10 has been establisnea 
20 "* ChiP * ' to ohlp eard ,0. initial^ steps 

- — S - PU6d * m e B the mutu al on 

My be carried out first, such 

the relevant protocol etc- 

lines n-3« on page 12 of Che 
Bep laee the paragraph between lines 

epe cificacion with the following: 

, the stepe (not shown, of supplying « M 

- **" r the 3E P „„„ication connection as 

,n establishing the communicatio 
the chip card 10, esta termi „al 20 and 

. <tlali2i ng the communication between 
well as initialing 20 ^ 

rd 10 is carried out in a step 30. e.g. 
chip card 10 ohalle nge and response 

■in accordance with tne cn» 
authentication m accor exa mple, 
_ ,i authentication may comprise, 

Identi£1 cation » 

che inputting of » «» <-*— 1 

■ „ hi ch the mutual authentication 30 make 

=8rd U8er ;; n : h P card-s P ecifio data stored on the chip 

lh a e g. » chip card identification number and a 
T t ica ion number, in connection with a chip card 
pers onal identified authaMie atien code 

scor ed on the chip card and represents =rVP 

„aseg a symmetric or an asymmetric 
algorithm, such as e.g. ^ 

-v, m The authentication serv 
cryptographic algorithm. The a 
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AOPliC NO. 10/620,108 

& t^TTltclZl^ ~— *"* July 2007 

3Ur e that only admitted chip cards may communicate 

. „ T £ the authentication yields an error, the 
admitted terminals. It tne a 

communication connection is terminated.- 

« oo ^9 on caqe 13 of the 
Repl ace the paragraph between Unas 22-., on p 

specification with the following: 

.. m case the certificate examination reveal, that the 

4 the communication between 

certificate lacks genuineness, the com 

* .Hit, card 10 is interrupted, and there may be 
terminal 20 and chxp card 

- chin card 10 dee^-nefe longer eW 

provisions made that the chxp car 

^^^^ oc^ for a predetermined period of trme. 
It is thus avoided that a potential attac-cer taps the 
communication connection hetween terminal ,0 and chip card 10 

. fl „_ the volatile memory of the chip 
and enters a "false" code to the vol 

„ reforming by the chip card 10, could 
card 10 which, upon performing uy 

* fiecret data stored on chip card 10, 
effect the outputting of secret 

for example - - - 

replace the paracraph between pa 9 e 13. line 34 and pa 9 e 14. 
Une 21 of the specification with the following: 

I£ the certificate examination revealed the g enuineness of 
t h e certificate, the transferred part of the al g orithm code ie 

H in a step SO, in a volatile memory of chip card 
then stored, in a seep 
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dated juiy z 2007 

e.crypte* or aecrypte* — « ^tll^ 

. thereof or before ee****m±eg 
hpfore storage thereoi 
decrypted betore The 

■ bv a cryptographic processor on chip card 
execution by a cryp^ y 

— c ode having a part thereof — « - » - 

.... a debiting - — «— - Ch "7; o 

■ ehe chip card 10. or the program code for 
discharging the chip o 

f iM a cryptographic aigorithm neceeeary during the 
performing a crypt g symroet ric or 

£urt her creation ae^nca, auch ^. , 
asymmetric cryptographic procaaa. an 

« C o the PES - elliptl= CU " " 

according to the DB reBtrio tlon to these 

„ =.cret algorithm, however without reatrio 

the event of a pay *V appUcation, the aigorithm 

T mP-eTror —on ~«* " 

co de compn a ^ ^ ^ 

decryption of the tele 

w«„i-*fcion of the image lines 01- 
9Uch aa e.g. the ^ algorithn code to he 

o£ r rr;;:r : — - - - - * -* 

cation between 

during the time o£ execution 
terminal 20 and chip card 10. ~ 

ia line 39 and page 15, 
Heplaca the paragraph between page 14. 
line 27 of the specification with the following: 
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Applic NO. 10/620,108 

to N on-Co£Iiant Amendment dated uu ly ,1. -07 

- in , step 70, the part of the algorithm code stored in the 
volatile memory is cleared again, clearing of the algorithm 
eode may be effected, for example, by taxing out the chip card 
W from terminal 10 by the card neer and by thue interrupting 
the delivery of supply ESwer *«• ««" inal 20 C ° ° hlP 

card 10. l-ul plating .M^e»pee-e# Tn order to preven t 
potential attackers *e-P*e*ee* fromjprotectina the volatile 
memory, e.g. a RUN. ageinee^eee-e Eromjooeina the stored 
part of the algorithm code 0 0,11 i-hereby -J f successf ul , these 
would come into possession of the complete algorithm code!. 
the Chip card 10 may have a. specific monitoring meane provided 
thereon which effects active clearing of the volatile memory 
of the chip card 10 also M in case a monitoring operation 
reveals that specific security conditions are fulfilled, such 
as interruption of the system clock, the interruption of the 
delivery of supply e*e*SY Bower or other indications for a 
possible attack, such as voltage fluctuations or the like, 
consequently, the algorithm cede, after utilization of the 
chi p card 10 in the terminal 20 or interference with the 
communication seguenoe. is no longer present on chip card 10 
and thus is no longer exposed either to potential attacks and 
3 pying out by potential attackers. An attacker in possession 
of the chip card cannot carry out security computations on the 
basis of the complete algorithm code since the latter is not 
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Amdt. dated August 31, 2007 a ^ aA t „i v 3 i 2007 

Reply to Notice of Non-Compliant Amendment dated July 31, 

completely in the range of access of the attacker. The spying 

out of keys or algorithms is thus effectively prevented.- 

Replace the paragraph between lines 18-35 on page 17 of the 
specification with the following: 

- with reference to Fig. 2 and Fig. 3, possible embodiments 
for the construction of a chip card and a terminal, 
respectively, will be described hereinafter. Fig. 2 shows a 
block diagram of a chip card generally designated 100. Chip 
card 100 comprises a data interface 110, a*^*e*gy ajaower 
interface 120, a RAM 130, a processor 140 and a ROM 150. The 
data interface 110 is adapted to be coupled to a terminal (not 
shown), for example via a contactless coupling or via a contact 
and is capable of transmitting data from the chip card to the 
terminal and, vice versa, of receiving data from the terminal. 
The data interface 110 is connected to processor 140 whereby, 
the data to be transmitted and .received can be transmitted to 
and from processor 140, respectively. The e*e*gy power 
interface 120 Is adapted to be coupled to the terminal as well 
in order to obtain from the terminal supply e*e*gy power in 
the form of, for example, electromagnetic en^y power or a 
supply voltage. B*e*gy Power Interface 120 distributes the 
supply e*e*gy power to the processor 140 and the RAM 130.- 
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^Compliant — t date, ,uly 31, 2007 

Replace the paragraph between page 18, line 37 and page 19, 
line 19 of the specification with the following: 

- Fig . 3 shows a block diagram illustrating the terminal 
construction in accordance with an embodiment of the present 
invention. The terminal, generally designated 200, comprises a 
data interface 210, an e*e*gy pp-r interface 220, a processor 
230 connected to data interface 210 and energy oower interface 
220, as well as a memory 240 connected to processor 230. The 
data interface 210 is adapted to be coupled to the data 
interface of a corresponding chip card in order to carry out a 
data exchange between the terminal 200 and the chip card (not 
shown) . The e*e*gy power interface 220 is also adapted to be 
coupled to an e*e*gy Eower interface of the particular chip 
card in order to deliver supply ene^ power thereto. 
Processor 230 controls, for example, the sequence of 
operations during communication of terminal 200 with the chip 
card and performs, for example, the initialization, 
authentication, the encryption of the algorithm code to be 
transferred, which is stored in memory 240, the certification 
thereof as well as the transfer of the encrypted and certified 
algorithm code to the data interface 210 for transfer thereof 
to the chip card.-- 
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ZL the paraph — _ ». - « - - - 
line , of the specification «ith the 

<* to the pr-eding description, it is P°">»* 
„ With respect to er ^ odim ent 3 only. 

^ v,^« referred to speciJ--t-^ 
^ hhat the same has xej-«j- 
out that tn« nart 

x i-viP encryption of tne 
The .utuai authentication and the » cerci£ication 

tr ans £ ~~d o £ the ai 3 o r ith m code ae weii - ^ 

. ttad in specific applications, for examp 
may be omitted xn sp 

...sure according to the invention, that 
th e very measure ac gtored in a volatile memory of 

f of the algorithm code is stored m 

d it is rendered very difficult for a potential 
the chip card, xt o£ ch±p 

_ _ rform functions of crucial 
attacker to perform functions 

« encryption algorithms and access 
card, such as e.g. encryp etc . # 

r* specific information, such as a balance 
to chip card apecxfi ^ 

-re not permanently stored on the cnxp 
si nce these are P ^ 

t-*™- are not in the possession of tne p 

thus are not longer received. 

, oSt if supply e*e*gy 22^ 18 n ° 
rather are lost xt s vv Q „ ain3 c loss of 

t of protecting the volatile memory against 
The attempt ot P^ LC . _ ^- em ed 

lfe to be very difficult and may be deemed 
this function turns out to be v ry 

TH.able in practical application. - 
to be not realizable i» v 

■ n rtM 20-37 on page 20 of the 
ReP lace the paragraph between lines 

specification with the following, 
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- A current possibility o£ realisation of the present 
invention consists, for example, in the processor of product 
family SLE66 CX3 2 0P of the company mfineon AG. which by way of 
an MMU <MMU - Memory Management Unit, renders possibie to run 
a code stored in a RAM in that it controls memory access 
operations to the RAM. in the simplest case, e^eaey even the 
transfer of onlv encrypted !»p addresses or memory addresses 
£ rom the terminal to the chip card wouid effectively prevent 
that a -native code" or machine code can be ioaded by a 
potential attacker. ****** ES2 «lth such a simple 
realization of the present invention, an attacker would not be 
abl e to perform the security computations in the chip card, 
since the Jump addresses and thus the sequences would be 
unknown. This idea may be imparted to a customer of such a 
component by draftin, an application note, thereby Increase 
the security of the application with corresponding realisation 
thereof in the controller software of the chip card and in the 
terminal software.-- 
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Ztv tTt^lf^'-cZl^ Amendment dated **v ». 

Replace the Abstract of the disclosure with the following: 

-A purity module for use with a terminal comprl.es a data 
interface adapted to be coupled to a terminal, for re=eivin 3 
at least part cf an algorithm code or the complete algorithm 
code from the terminal, as well as an e** ESS!" interface 
for receiving supply energy power. A volatile memory coupled 
C o the e«e*gy power interface in order to have e*^ power 
applied thereto stores the part of the algorithm code or the 
complete algorithm code received via the data interface, with 
a processor performing the algorithm code in order to obtain 
an algorithm code result that can be delivered to the 
terminal. Due to the storing of at least part of an algorithm 
code in the volatile meme*y.e memory cf the security moduls, 
according to the invention, the algorithm code of the security 
^dule is effectively protected against spying out by a 
potential attacker. ~- 



Fig, 2 — 
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